7.5
CVE-2005-1920
- EPSS 3.67%
- Veröffentlicht 26.07.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:13:55
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version3.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.67% | 0.882 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-281 Improper Preservation of Permissions
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
http://www.novell.com/linux/security/advisories/2005_18_sr.html
http://www.securityfocus.com/archive/1/427976/100/0/threaded
http://marc.info/?l=bugtraq&m=112171434023679&w=2
http://secunia.com/advisories/16099
http://secunia.com/advisories/23099
http://security.gentoo.org/glsa/glsa-200611-21.xml
http://securitytracker.com/id?1014512
http://www.debian.org/security/2005/dsa-804
http://www.kde.org/info/security/advisory-20050718-1.txt
http://www.redhat.com/support/errata/RHSA-2005-612.html
http://www.securityfocus.com/bid/14297
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9434